Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/d0b751-8e26-4066-8dfe-245cc8163174/1/Rs9hCJzXXCysEpcgUTYIwZfxba0.roa
File: Rs9hCJzXXCysEpcgUTYIwZfxba0.roa (raw, json)
Hash identifier: lP31u4k0Jr6f9bHbVAp6N2nm+1m01REHTYhdiNX5vcI=
Subject key identifier: 46:CF:61:08:9C:D7:5C:2C:AC:12:97:20:51:36:08:C1:97:F1:6D:AD
Certificate issuer: /CN=8331a361bdc51d7aacadce302f1257d5c3f35ae1
Certificate serial: 0181F465F70541CB2B5140315A30D1D14067
Authority key identifier: 83:31:A3:61:BD:C5:1D:7A:AC:AD:CE:30:2F:12:57:D5:C3:F3:5A:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzGjYb3FHXqsrc4wLxJX1cPzWuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/d0b751-8e26-4066-8dfe-245cc8163174/1/Rs9hCJzXXCysEpcgUTYIwZfxba0.roa
Signing time: Tue 12 Jul 2022 21:52:11 +0000
ROA not before: Tue 12 Jul 2022 21:52:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58061
IP address blocks: 2.58.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f4:65:f7:05:41:cb:2b:51:40:31:5a:30:d1:d1:40:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8331a361bdc51d7aacadce302f1257d5c3f35ae1
Validity
Not Before: Jul 12 21:52:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46cf61089cd75c2cac129720513608c197f16dad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b7:ef:16:66:0c:99:82:5c:3f:1c:02:fc:bb:
9f:32:15:34:fa:f7:71:60:f0:ca:44:f4:0d:88:02:
64:3b:06:fb:72:c7:13:c8:e7:7a:cc:0d:71:a9:98:
af:12:57:23:04:a7:67:11:27:e9:ff:bc:8f:59:cc:
ab:ed:66:c5:76:ea:87:64:d8:aa:60:56:6c:c3:d3:
a3:eb:e0:ad:2e:f9:f5:bf:5c:92:d5:d9:c2:2b:50:
fb:0f:de:9a:f8:9b:45:20:04:5c:6b:c0:7a:94:b1:
9d:49:78:2d:80:23:11:d8:1b:e1:b7:7c:6d:9d:e1:
78:cf:d2:33:78:32:ad:0b:52:19:54:ea:8e:d1:7d:
d5:8e:5e:4a:37:30:c9:ab:c8:2c:28:ec:a6:d9:4a:
57:e8:41:e9:2e:6c:9e:fb:3f:ee:d5:38:68:b6:72:
c2:a3:71:48:98:2e:25:be:5e:d2:fc:3e:f2:9a:26:
a7:b3:52:67:c9:d9:50:24:dc:d8:49:8a:8d:b2:f4:
65:a9:a6:00:8c:6b:6f:69:bf:63:af:fa:ce:57:39:
e2:fa:6f:42:77:aa:e2:24:f3:b5:fa:2c:89:d3:05:
88:64:f1:c6:ce:3c:4d:1a:c7:94:9d:90:f2:f5:f0:
87:e4:9f:27:f8:0a:11:cf:19:eb:6a:3b:c2:46:6e:
b2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:CF:61:08:9C:D7:5C:2C:AC:12:97:20:51:36:08:C1:97:F1:6D:AD
X509v3 Authority Key Identifier:
keyid:83:31:A3:61:BD:C5:1D:7A:AC:AD:CE:30:2F:12:57:D5:C3:F3:5A:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzGjYb3FHXqsrc4wLxJX1cPzWuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d0b751-8e26-4066-8dfe-245cc8163174/1/Rs9hCJzXXCysEpcgUTYIwZfxba0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/d0b751-8e26-4066-8dfe-245cc8163174/1/gzGjYb3FHXqsrc4wLxJX1cPzWuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.99.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:2a:ed:9a:b9:8d:ea:1e:2b:ff:70:be:03:4b:d8:f4:54:a4:
c9:8b:97:c0:e3:c7:62:78:ff:b9:ab:89:66:57:9b:2f:b2:77:
6d:1a:f2:aa:4e:14:09:f7:dc:c1:b6:c4:d6:e3:d5:5a:25:38:
95:3e:c3:d0:4d:3f:05:64:d7:a7:fc:b8:a4:23:0d:22:9c:f2:
89:e4:b6:fd:80:27:89:03:a9:ef:05:80:a1:71:fc:e6:e1:59:
be:48:30:de:3e:65:d0:0c:e6:49:d9:ad:64:d1:af:c8:6b:c2:
26:83:fb:ce:81:89:3e:e7:79:76:1e:22:e9:6a:e3:39:67:bd:
f8:8f:45:ce:aa:eb:9f:ac:53:ac:6f:b8:c6:23:96:11:0a:d1:
7c:2a:fa:ad:50:c2:73:81:9d:85:e3:a4:23:7b:ba:a2:c2:ad:
64:4c:27:ac:55:f3:33:51:70:b0:78:93:e8:96:50:a2:36:a9:
b2:44:ad:ea:e7:43:74:5e:e4:39:ae:f4:ec:5e:2b:ff:f0:23:
6b:2b:cd:39:42:ca:4b:40:75:1c:5c:df:81:ec:45:e9:e4:08:
99:de:23:c4:99:c5:19:42:5c:05:14:67:27:26:2b:0e:e3:12:
8b:86:dd:ed:ec:62:da:65:0a:55:af:a9:8b:e6:33:c7:82:a7:
cb:86:19:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYH0ZfcFQcsrUUAxWjDR0UBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzFhMzYxYmRjNTFkN2FhY2FkY2UzMDJmMTI1N2Q1YzNm
MzVhZTEwHhcNMjIwNzEyMjE1MjExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmNmNjEwODljZDc1YzJjYWMxMjk3MjA1MTM2MDhjMTk3ZjE2ZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7fvFmYMmYJcPxwC/LufMhU0+vdx
YPDKRPQNiAJkOwb7cscTyOd6zA1xqZivElcjBKdnESfp/7yPWcyr7WbFduqHZNiq
YFZsw9Oj6+CtLvn1v1yS1dnCK1D7D96a+JtFIARca8B6lLGdSXgtgCMR2Bvht3xt
neF4z9IzeDKtC1IZVOqO0X3Vjl5KNzDJq8gsKOym2UpX6EHpLmye+z/u1ThotnLC
o3FImC4lvl7S/D7ymians1JnydlQJNzYSYqNsvRlqaYAjGtvab9jr/rOVzni+m9C
d6riJPO1+iyJ0wWIZPHGzjxNGseUnZDy9fCH5J8n+AoRzxnrajvCRm6yIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEbPYQic11wsrBKXIFE2CMGX8W2tMB8GA1UdIwQY
MBaAFIMxo2G9xR16rK3OMC8SV9XD81rhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pHalliM0ZIWHFzcmM0d0x4SlgxY1B6V3VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9kMGI3NTEtOGUyNi00MDY2LThkZmUt
MjQ1Y2M4MTYzMTc0LzEvUnM5aENKelhYQ3lzRXBjZ1VUWUl3WmZ4YmEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9kMGI3NTEtOGUyNi00MDY2LThkZmUtMjQ1Y2M4MTYzMTc0
LzEvZ3pHalliM0ZIWHFzcmM0d0x4SlgxY1B6V3VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjpjMA0G
CSqGSIb3DQEBCwUAA4IBAQCPKu2auY3qHiv/cL4DS9j0VKTJi5fA48dieP+5q4lm
V5svsndtGvKqThQJ99zBtsTW49VaJTiVPsPQTT8FZNen/LikIw0inPKJ5Lb9gCeJ
A6nvBYChcfzm4Vm+SDDePmXQDOZJ2a1k0a/Ia8Img/vOgYk+53l2HiLpauM5Z734
j0XOquufrFOsb7jGI5YRCtF8KvqtUMJzgZ2F46Qje7qiwq1kTCesVfMzUXCweJPo
llCiNqmyRK3q50N0XuQ5rvTsXiv/8CNrK805QspLQHUcXN+B7EXp5AiZ3iPEmcUZ
QlwFFGcnJisO4xKLht3t7GLaZQpVr6mL5jPHgqfLhhn6
-----END CERTIFICATE-----
Generated at Thu May 1 13:36:59 2025 by rpki-client